Director Security Engineering

Mackenzie Investments (Toronto ON, Canada) 13 days ago

IGM Financial Inc. is one of Canada's premier financial services companies, and one of the country's largest managers and distributors of investment funds and other managed asset products, with over $253 billion in total assets under management as of April 30, 2021. Its activities are carried out principally through Investors Group Inc., Mackenzie Financial Corporation and Investment Planning Counsel Inc.

We are focused on the long-term strength and stability of our companies and recognize these as core responsibilities to our clients and shareholders as we adapt and lead in an ever-changing world.

Why should you join the IGM family?

  • Be part of a winning culture!
  • Your opportunity to develop and work with smart, highly capable leaders who are passionate and innovative
  • A genuine commitment to diversity and inclusion, through public goals, a variety of external partnerships/employee groups and an inclusive environment
  • A fulfilling employee experience – we offer competitive terms, a collaborative/respectful way of working and connect strongly with our community

The Role and Responsibility:

The Director of Security Engineering will help lead and scale a team of experienced engineers in the security and compliance space. The team is responsible for designing and implementing security for cloud-based platforms and plays an integral role in protecting IGM’s digital platforms across multi cloud environments. The role is also responsible for analyzing existing cloud capabilities and controls and creating new and enhanced security solutions.

The candidate must have hands-on experience in Security Engineering (Design and Build).


  • Lead and build a diverse team of high functioning security engineers to contribute, Identify and define security requirements for multi-cloud digital platforms (Azure, GCP)
  • Craft security strategies and roadmap for the security engineering team to help scale the infrastructure and meet business objectives
  • Enable the team to deliver projects and roll out new products at scale
  • Develop Security architecture and detailed and scalable security designs
  • Apply Secure by Design methodologies to enterprise infrastructure to provide secure services
  • Manage security infrastructure such as logging, auditing, secret management threat detection, and access management tooling
  • Provide recommendations and guidance to engineering teams for standard methodologies in secure development
  • Design redundancy and capacity to support 24/7/365 operations
  • Disaster Recovery and OOB systems management
  • Design information and operational support systems
  • Identify current and emerging technology issues including security trends, vulnerabilities and threats
  • Conduct proactive research to analyse security weaknesses and recommend appropriate strategies
  • Liaise with vendors to implement security solutions
  • Provide leadership to a distributed team of engineers and managers


  • Hands-on experience to install, configure, test, maintain and troubleshoot security systems, Secure Access Service Edge (SASE), e.g. Palo Alto Prisma: URL Filtering, Advanced Threat Protection, Remote User Security for anywhere, any device, any time access
  • Hands-on experience to Microsoft Azure platform including Azure Sentinel, Microsoft Cloud App Security, Microsoft 365 Security Centre, Microsoft Security & Compliance Centre, etc.
  • Deep knowledge of Microsoft M365 platform including Azure Active Directory Identity Protection, Microsoft Defender, Exchange Online Protection, Azure Identity Protection, Data Loss Prevention, Sensitivity Labels, Advanced Threat Protection, Microsoft Intune and Conditional Access Policies, etc.
  • Hands-on experience in implementing Information and Cyber Security in multi-cloud platforms including GCP and Azure.
  • Hands-on experience in implementing security hardening in cloud-based systems, network, endpoint and cloud infrastructure
  • Build technical solutions and security tools to help mitigate security vulnerabilities and automate repeatable tasks
  • Implementation of SIEM use cases and playbooks and detection and response plans
  • Build for redundancy, high availability and capacity to support 24/7/365 operations
  • Lead the team is responding to all infrastructure security breaches and support in the investigation of security incidents
  • Maintain security, backup, and redundancy strategies
  • Implement disaster recovery plan for corporate security systems
  • Distributed multi-cloud security design and implementation
  • Prepare and document standard operating procedures and protocols
  • Experience in leading the team in supporting Level 2, 3 and/or 4 escalation for production Incidents

In Scope Key Candidate Skills (Cloud Security Engineer)

  • Infrastructure as Code
  • Secure Access Service Edge (SASE)
  • Secure Data at Rest and Transit
  • VPC Security
  • ATP
  • Host and End-point Security
  • CASB
  • Active Directory and Azure Active Directory
  • IAM
  • PAM
  • MFA
  • Enterprise and Integrated DLP, Rights Management
  • PKI – Internal / External
  • Encryption and Key Management including HSM
  • Email Security
  • Storage Security
  • Backup and Disaster Recovery
  • Security Operations
  • Management and Automation Tools
  • Configuration Management
  • Logging, Monitoring and SIEM tools
  • Capacity and Performance Management
  • Threat prevention and extraction


  • Cloud Firewalls, Routing and Segmentation
  • VPN
  • WAF
  • DDoS, DNS and CDN
  • Web Content Filtering


  • 8+ years of hands on working experience in the participation of engineering and design of IaaS/PaaS/SaaS platforms
  • Passionate about evangelizing standards around application and infrastructure security
  • Strong core foundation experience in fundamental cloud technologies and services
  • Education at the bachelor or master level in Computer Science or equivalent technology related experience
  • One or more industry recognized information professional designations (CISSP, CISM, etc.)
  • Excellent knowledge and relevant experience in security domains related to Identity and Access Management, Data Security and Loss Prevention, End Point Protection, Cloud security, Vulnerability and Threat Management, etc.
  • Strong knowledge of Infrastructure Security (Perimeter Security, Network Solutions, hardening etc.), Security of cloud-based services and applications
  • Experience of working with new and disruptive technologies would be a definite asset
  • Superior problem solving and decision-making skills to resolve work issues with the ability to work under pressure in a dynamic environment
  • Superior leadership, collaboration, and interpersonal skills with a demonstrated ability to work effectively and build consensus in a multi-functional team environment.
  • Strong communication (verbal/written) and good interpersonal skills to build relationships with internal and external business partners and vendors
  • Strong desire to implement change and contribute to the organization
  • Knowledge of the Financial Services industry regulations

Soft Skills:

  • Relationship Management:
    • Proven ability to establish and build healthy working relations and partnerships with clients, vendors and peers
    • Possess effective communication and interpersonal skills, and executive presence
    • Highly credible with senior executives while also able to connect and build trust- based relationships with stakeholders at all levels of an organization
    • Gain commitment, trust and support from others and will be able to sell ideas inside and outside the organization
  • Influence & Focus:
    • Ability to focus/align the organization around critical initiatives, best practices and guiding principles
    • Exceptional influencing skills and will work transparently and cooperatively with the cross-functional teams, effectively engaging all pertinent stakeholders, both internal and external
  • Determination:
    • The successful candidate will not be afraid to challenge the status quo
    • Exhibit a mindset of creativity, determination, and an energetic drive to succeed
    • Have a proven track record of setting and meeting aggressive goals and action plans, both as an individual and with a team
  • Versatility and Resilience:
    • Able to oversee multiple projects and excel in a complex and evolving portfolio
    • Demonstrate appropriate flexibility in all situations and will be comfortable with ambiguity, while pivoting from macro to micro issues, from shaping the technology, innovation, digital, and strategy agenda through to the day-to- day details of operations and compliance issues
  • Integrity:
    • Adhere to the highest standards of personal and professional integrity and will set a positive example for others
  • People Management:
    • Provide leadership and effective management of staff
    • Accountable to influence employee commitment to the organization, to the team, and to their job
    • Set appropriate context when assigning work to link the employee’s work to organizational/ business unit goals
    • Lead and build a team and individual capabilities to ensure employees can perform to job requirements

Internal Applicants:

If you are interested in applying for this position please direct applications on-line using the “apply for this job” icon located at the bottom or to the left of the posting. If you would like to refer someone for the position please email the posting using the “email this job” option and have your referral indicate that they were referred by you when completing the application. All resumes should be received by June 15, 2021. If you have any questions regarding this position, please contact Human Resources. Please record your extension number on your resume and cover letter. This position is a career level L9.

External Applicants:

We thank all applicants for their interest in Mackenzie Investments; however only those candidates selected for an interview will be contacted.

Mackenzie Investments offers an exciting and challenging work environment, a competitive base salary, performance-based bonuses, excellent benefits, recognition for your accomplishments, and opportunities for personal and professional growth.

Mackenzie Investments is an equal opportunity employer and is committed to providing employment accommodations in accordance with the Ontario Human Rights Code and the Accessibility of Ontarians with Disabilities Act. Please advise Human Resources if you require an accommodation.

File # 21-1092

More from Mackenzie Investments
Director, Identity Governance & Administration
Mackenzie Investments 12 days ago
Senior IAM Engineer
Mackenzie Investments 12 days ago
Senior Manager, ITSM Platform and Processes
Mackenzie Investments 12 days ago

Director Security Engineering

Apply On Company Site
Back to search page